Identity Management Services provide these capabilities:
Authentication – Quickly verify user identities (Who you are).
Authorization – Control users access (What you can access).
Administration – Manage users and the policies for controlling user’s access privileges.
Identity Management Services include:
Person Registry – New University identity system implemented for creation and maintenance of users’ electronic identities at the university and the resources they are permitted to access.
Single Sign-On (CAS) – A central authentication service (CAS) that enables a user to be prompted to log-in only once to access multiple web applications that are integrated with CAS.
Enterprise Directory Service (LDAP) – University repository of users and attributes for use in authentication and providing directory information. Lightweight Directory Access Protocol (LDAP) is the application protocol for querying and modifying the directory services.
Password Repository (Kerberos) – University’s main password store. When a user attempts to log into a system, their password is validated against what is stored in the Kerberos password repository.
Authentication Token (SafeNet) – A physical device (i.e. hardware token) provided to users for use is authenticating to some University systems. This SafeNet devise (key fob) provides one-time dynamic passwords for system log in’s.
User Network Identifier (NetID) – An assigned University wide identifier required by most online services to be entered along with password during log in to authenticate for access.
Kerberos (password repository) – Kerberos is the main password store used at the University for NetID, when a user or application authenticates against CAS the password is checked against the password stored in Kerberos.
SafeNet (Two-Factor authentication) – An authentication service that leverages user tokens to provide a two-factor, one-time password for enhanced security protection of sensitive data systems.
NetID+ (Two-Factor Authentication- Duo) – NetID+ is a new service that will start to become available in 2016 for employees. It will provide additional security that enables university web based systems to verify user’s identities with greater certainty.
Rutgers Guest Request System – Rutgers Guest Request System is an enterprise self-service tool that enables the University Guests to submit their requests to obtain a digital identity.